I have yet to see any studies that prove that Linux is any more secure
that Windows NT. In fact, most Linux distributions take the dangerous
tactic of running most services out of the box. Excluding IIS (hell,
what can you do?) a default install of NT is arguably more secure than a
default install of popular Linux distributions.
Don't get me wrong, I run *a lot* more Linux servers than NT servers
over here, but I think it's misleading when someone states simply that
Linux "is more secure" or "has better security." What does that mean?
Regards, Dustin
On Fri, 2001-09-14 at 13:05, Joe Lyman wrote:
> Michael,
>
> If you are a small company you should definitely consider using lower
cost/higher security software, e.g. Linux. A 486 Makes a decent DNS
server, IDS or Firewall. Anyway you look at it your overall costs are
going to be much lower with Linux, and you're going to learn some great
stuff in the process. If you're concerned about the difficulty of the
task, just think of all the help you could get here...
>
>
>
> Joseph Lyman
> Graphic Products, Inc.
> 503-644-5572 ex 5662
> 800-788-5572 Toll Free
> [EMAIL PROTECTED]
>
> >>> Michael Kjorling <[EMAIL PROTECTED]> 09/13/01 09:26AM >>>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Please apologize me if this has been asked before, but I haven't seen
> it lately at least.
>
> Right now several of my servers are serving more than one thing - one
> does web, mail (both SMTP and POP), and DNS. Another does the same and
> adds the usual risks with being a workstation as well.
>
> I have been lobbying to split this up on more machines, and using one
> per service. That is, let one machine handle the email (possibly
> forwarding it to internal systems), let one handle the web, two for
> DNS (master and slave) and so on. But we are talking about a pretty
> small company so I am having a problem of getting the hardware this
> would require. It took an actual break-in to one of the systems before
> I was allowed to buy a dedicated hardware firewall, and I would prefer
> not having to go through the same mess again.
>
> Could someone please give me some hints as to what the actual security
> implications would be of a setup like this? As it is, the company in
> question is rather dependant on their Internet connectivity (web site,
> email and so on), and I don't want to get into trouble if someone
> breaks in through a DNS implementation problem and then escalates
> their access and starts messing with the web site, for example.
>
> Any help is greatly appreciated!
>
>
> Michael Kjörling
>
> - --
> Michael Kjörling - [EMAIL PROTECTED] - PGP: 8A70E33E
> Manager Wolf.COM -- Programmer -- Network Administrator
> "We must be the change we wish to see" (Mahatma Gandhi)
>
> ^..^ Support the wolves in Norway -- go to ^..^
> \/ http://home.no.net/ulvelist/protest_int.htm \/
>
> ***** Please only send me emails which concern me *****
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For my PGP key: http://michael.kjorling.com/contact/pgp.html
>
> iD8DBQE7oN5TKqN7/Ypw4z4RAkUwAJ43lou3pPNOtuDYx4Rp2DP64Tj1KQCeI0Tn
> EDoYeS++weIT3TWxp3PnkWA=
> =4/7X
> -----END PGP SIGNATURE-----
--
Dustin Puryear <[EMAIL PROTECTED]>
http://members.telocity.com/~dpuryear
In the beginning the Universe was created.
This has been widely regarded as a bad move. - Douglas Adams
